- 1 2 3 4 5 IN THE UNITED STATES DISTRICT COURT 6 FOR THE NORTHERN DISTRICT OF CALIFORNIA 7 8 CHARLES REIDINGER, Case No. 19-cv-06968-CRB 9 Plaintiff, ORDER GRANTING MOTION TO 10 v. DISMISS WITH LEAVE TO AMEND 11 ZENDESK, INC., et al., 12 Defendants. 13 A class of Zendesk, Inc. stock purchasers led by Local 353, I.B.E.W. Pension Fund 14 (the Pension Fund) is suing Zendesk and several of its officers for securities fraud under 15 §§ 10(b) and 20(a) of the Securities Exchange Act of 1934 and Securities and Exchange 16 Commission (SEC) Rule 10b-5. The Pension Fund alleges that Zendesk and its officers 17 made false and misleading statements relating to (1) Zendesk’s performance and sales 18 capabilities in Europe, the Middle East, and Africa (EMEA) and the Asian Pacific 19 (APAC), and (2) Zendesk’s data security. 20 Zendesk has moved to dismiss the Pension Fund’s complaint for failure to state a 21 claim for which relief may be granted. The Court has determined that oral argument is not 22 necessary and vacates the hearing previously scheduled for November 12, 2020. The 23 Court grants Zendesk’s motion to dismiss because the Pension Fund has alleged neither (1) 24 any material misstatement or omission nor (2) scienter under the heightened pleading 25 standards applicable to securities fraud class actions. The Court grants the Pension Fund 26 leave to amend to cure these pleading deficiencies. 27 I. BACKGROUND 1 lawsuits against Zendesk and appointed the Pension Fund as lead plaintiff. See Order 2 Consolidating Cases (dkt. 42). The Pension Fund then filed an Amended Class Action 3 Complaint on behalf of all purchasers of Zendesk common stock between February 6, 4 2019 and October 1, 2019, inclusive (the Class Period). See Amended Compl. (dkt. 51) at 5 1. The Pension Fund alleges that Zendesk and three officers—Chief Executive Officer 6 Mikkel Svane, Chief Financial Officer Elena Gomez, and Senior Vice President of 7 Worldwide Sales Norman Gennaro—committed securities fraud in violation of § 10(b) of 8 the Securities Exchange and SEC Rule 10b-5. See id. ¶¶ 34–36, 124–127. The Pension 9 Fund also alleges that the individual defendants violated § 20(a) of the Securities 10 Exchange Act as control persons liable for any fraud committed by Zendesk and its other 11 employees. See id. ¶¶ 128–131. 12 Because Zendesk has moved to dismiss the Amended Complaint, the Court must 13 accept the Pension Fund’s well-pleaded allegations as true. Usher v. City of Los Angeles, 14 828 F.2d 556, 561 (9th Cir. 1987). The Pension Fund’s general allegations are as follows. 15 Zendesk sells customer service software to companies, including small and medium sized 16 businesses (Zendesk’s “SMB” or “velocity” business) and larger customers (“enterprise” 17 business). Amended Compl. ¶¶ 1, 4–6. In doing so, Zendesk collects, stores, and 18 transmits sensitive customer, agent, and end-user data, including personal identifiable 19 information (PII). Id. ¶ 8. In 2018, Zendesk made 48% of its revenue from clients outside 20 the United States, with 29% of revenue coming from EMEA clients and 11% coming from 21 APAC clients. Id. ¶ 2. Because Zendesk has never been profitable, revenue growth drives 22 the company’s value as reflected in its common stock price. Id. ¶ 3. 23 The Pension Fund’s claims center around two events that allegedly caused 24 Zendesk’s stock price to decline: (1) subpar performance in the EMEA and APAC regions 25 during Q2 2019; and (2) the September 24, 2019 discovery and subsequent disclosure of a 26 data breach that had been ongoing for three years. 27 First, on July 30, 2019, Zendesk announced its Q2 2019 financial results. Id. ¶ 20. 1 Company had reported over the prior eight quarters.” Id. Svane stated that EMEA and 2 APAC growth “didn’t quite live up to [Zendesk’s] expectations” as a result of 3 “macroeconomic factors” and the company’s “suboptimal execution.” Id. Zendesk’s 4 stock price dropped from $93.12 per share to $83.65 per share the next day. Id. ¶ 74. 5 “Over the following months,” Zendesk announced “structural changes” to its EMEA and 6 APAC strategies, “including implementing ‘best practices’ from its U.S. Business . . . and 7 hiring high level executives to ensure that its leadership in the regions was adequate.” Id. 8 Second, on September 24, 2019, Zendesk “reportedly identified that it had 9 experienced a data breach nearly three years earlier, prior to November 2016, involving 10 personally identifiable information for approximately 15,000 Support and Chat customer 11 accounts and authentication information for an additional approximately 7,000 customer 12 accounts.” Id. ¶ 23. Zendesk’s stock price dropped 4.7% that day, and dropped again on 13 September 27 and October 2 as Zendesk notified customers and the public about the 14 breach. Id. ¶¶ 24, 82, 87. 15 The Pension Fund has sued Zendesk under § 10(b) of the Securities Exchange Act 16 and Rule 10b-5, alleging that these events revealed that Zendesk had made material 17 misrepresentations to its investors, causing those investors to pay inflated prices for 18 Zendesk stock and to incur financial injury when the stock price dropped after Zendesk 19 disclosed the truth. Id. ¶ 127.1 The Pension Fund also sued Svane, Gomez, and Gennaro 20 under § 20(a) of the Securities Exchange Act, alleging that they “acted as controlling 21 persons of Zendesk” and were thus liable for any underlying securities fraud. Id. ¶ 129. 22 Zendesk has moved to dismiss the Pension Fund’s Amended Complaint. See Mot. 23 to Dismiss (dkt. 54). 24 II. LEGAL STANDARD 25 A. Rule 12(b)(6) 26 Under Rule 12(b)(6) of the Federal Rules of Civil Procedure, a complaint may be 27 1 dismissed for failure to state a claim upon which relief may be granted. Fed. R. Civ. P. 2 12(b)(6). Rule 12(b)(6) applies when a complaint lacks either “a cognizable legal theory” 3 or “sufficient facts alleged” under such a theory. Godecke v. Kinetic Concepts, Inc., 937 4 F.3d 1201, 1208 (9th Cir. 2019). Evaluating a motion to dismiss, the Court “must presume 5 all factual allegations of the complaint to be true and draw all reasonable inferences in 6 favor of the nonmoving party.” Usher, 828 F.2d at 561. “[C]ourts must consider the 7 complaint in its entirety, as well as other sources courts ordinarily examine when ruling on 8 Rule 12(b)(6) motions to dismiss, in particular, documents incorporated into the complaint 9 by reference, and matters of which a court may take judicial notice.” Tellabs, Inc. v. 10 Makor Issues & Rights, Ltd., 551 U.S. 308, 322 (2007).2 11 If a court dismisses a complaint for failure to state a claim, it should “freely give 12 leave” to amend “when justice so requires.” Fed. R. Civ. P. 15(a)(2). A court nevertheless 13 has discretion to deny leave to amend due to, among other things, “repeated failure to cure 14 deficiencies by amendments previously allowed, undue prejudice to the opposing party by 15 virtue of allowance of the amendment, [and] futility of amendment.” Leadsinger, Inc. v. 16 BMG Music Pub., 512 F.3d 522, 532 (9th Cir. 2008) (citing Foman v. Davis, 371 U.S. 17 178, 182 (1962)). 18 B. Claims under Section 10(b) of the Securities Exchange Act and Rule 10b-5 19 Section 10(b) of the Securities Exchange Act of 1934 forbids the “use or employ, in 20 connection with the purchase or sale of any security . . . [of] any manipulative or deceptive 21 device or contrivance in contravention of such rules and regulations as the [SEC] may 22 prescribe as necessary or appropriate in the public interest or for the protection of 23 investors.” 15 U.S.C. § 78j(b). SEC Rule 10b-5 implements § 10(b) and declares it 24 unlawful: 25 (a) To employ any device, scheme, or artifice to defraud, 26 2 The Court grants Zendesk’s Request for Judicial Notice (dkt. 1-1) because the relevant 27 documents are either incorporated by reference in the Amended Complaint or not subject to (b) To make any untrue statement of a material fact or to omit to state a 1 material fact necessary in order to make the statements made . . . not 2 misleading, or (c) To engage in any act, practice, or course of business which operates or 3 would operate as a fraud or deceit upon any person, in connection with the purchase or sale of any security. 4 17 C.F.R. § 240.10b-5. 5 The Supreme Court has implied a right of action to stock purchasers or sellers 6 injured by a violation of § 10(b) and Rule 10b-5. See Dura Pharms., Inc. v. Broudo, 544 7 U.S. 336, 341 (2005). To state a claim, plaintiffs must plead “(1) a material 8 misrepresentation (or omission); (2) scienter, i.e., a wrongful state of mind; (3) a 9 connection with the purchase or sale of a security; (4) reliance . . .; (5) economic loss; and 10 (6) ‘loss causation,’ i.e., a causal connection between the material misrepresentation and 11 the loss.” Id. at 341–42 (citation omitted). The first two elements are particularly relevant 12 here. 13 The first element of a Rule 10b-5 claim is a material misstatement or omission. 14 Dura Pharms., Inc., 544 U.S. at 341. Materiality depends on whether “there is a substantial 15 likelihood that a reasonable shareholder would consider” the information to be 16 “important.” Basic Inc. v. Levinson, 485 U.S. 224, 231 (1988) (quoting TSC Indus., Inc. 17 v. Northway, Inc., 426 U.S. 438, 449 (1976)). For an omission, “there must be a 18 substantial likelihood that the disclosure of the omitted fact would have been viewed by 19 the reasonable investor as having significantly altered the ‘total mix’ of information made 20 available.” Id. at 231–32 (quoting TSC Industries, 426 U.S. at 449). This standard is not 21 “too low,” because a “minimal standard might bring an overabundance of information 22 within its reach, and lead management simply to bury shareholders in an avalanche of 23 trivial information.” Id. at 231 (citation omitted). 24 Second, the defendant will not be liable unless they had a sufficiently culpable state 25 of mind. See Ernst & Ernst v. Hochfelder, 425 U.S. 185, 197–99 (1976). Because § 10(b) 26 covers only “manipulative or deceptive” conduct, and Rule 10b-5 implements (and thus 27 1 involving manipulation or deceit. Santa Fe Indus., Inc. v. Green, 430 U.S. 462, 473–74 2 (1977). Accordingly, a plaintiff must allege that the defendant had the “intent to deceive, 3 manipulate, or defraud.” Ernst & Ernst, 425 U.S. at 188. Knowledge of falsity or 4 deception is enough to satisfy this standard. See Gebhart v. SEC, 595 F.3d 1034, 1041 5 (9th Cir. 2010). And although the Supreme Court has never addressed whether 6 recklessness can give rise to liability under Rule 10b-5, see Tellabs, Inc., 551 U.S. at 319 7 n.3, the Ninth Circuit has held that scienter is established when defendants “were reckless 8 as to the truth or falsity of their statements,” Gebhart, 595 F.3d at 1041. But because 9 Scienter “turns on the defendant’s actual state of mind,” the defendant must have been at 10 least “consciously” reckless. Id. at 1042.3 11 Special pleading requirements apply to the first two elements of a Rule 10b-5 claim. 12 Tellabs, Inc., Ltd., 551 U.S. at 313. The Private Securities Litigation Reform Act of 1995 13 (PSLRA) requires plaintiffs to both (1) “specify each statement alleged to have been 14 misleading [and] the reason or reasons why the statement is misleading,” 15 U.S.C. § 78u– 15 4(b)(1); and (2) “state with particularity facts giving rise to a strong inference that the 16 defendant acted” with the requisite scienter—that is, the intent “to deceive, manipulate, or 17 defraud.” Tellabs, 551 U.S. at 313–314 (quoting 15 U.S.C. § 78u–4(b)(2); Ernst & Ernst, 18 425 U.S. at 194 & n.12.4 19 C. Claims under § 20(a) of the Securities Exchange Act 20 Under § 20(a), “every person who, directly or indirectly, controls any person 21 liable” for a violation of § 10(b) “shall also be liable jointly and severally with and to the 22 same extent as such controlled person.” 15 U.S.C. § 78t(a). Nonetheless, a control person 23 who “acted in good faith and did not directly or indirectly induce the act or acts 24 constituting the violation” is not liable. Id. 25 26 3 Thus, although extreme departures from an objective standard of care may give rise to an inference that the defendant was consciously reckless, the recklessness inquiry is subjective, not 27 objective. Gebhart, 595 F.3d at 1042. 1 III. DISCUSSION 2 Zendesk argues that the Pension Fund has not stated a claim under § 10(b) and Rule 3 10b-5 because (i) the Pension Fund has not alleged any actionable false or misleading 4 statements or omissions relating to Zendesk’s EMEA and APAC performance or the 2016 5 data breach that went undetected for three years, Mot. to Dismiss at 6–18; (ii) the Pension 6 Fund has not pleaded facts establishing a “strong inference” of scienter, id. at 18–23; and 7 (iii) the Pension Fund has not adequately pleaded loss causation, id. at 23–24. Zendesk 8 argues that the Pension Fund has not stated a claim under § 20(a) because the Pension 9 Fund has not plausibly alleged either an underlying § 10(b) violation or that the individual 10 defendants had enough control over Zendesk and its employees to be liable. 11 The Court grants Zendesk’s motion to dismiss with leave to amend. The Pension 12 Fund has not specifically alleged that Zendesk made any false statements or omitted any 13 material facts. Nor do the Pension Fund’s allegations give rise to the strong inference that 14 Zendesk or its officers acted with the intent to deceive, manipulate, or defraud. The 15 Pension Fund has thus failed to state a claim under §§ 10(b) and 20(a). 16 A. Alleged EMEA and APAC Performance Fraud 17 The Pension Fund has failed to state a claim for which relief may be granted 18 relating to Zendesk’s EMEA and APAC performance. The Pension Fund has not 19 identified any false statement made by Zendesk or any material fact that Zendesk 20 misleadingly omitted. And the Pension Fund’s allegations give rise to the inference that 21 Zendesk erred strategically in EMEA and APAC, not the strong inference that Zendesk 22 intended to deceive or manipulate its investors. 23 1. Specific Allegations 24 Zendesk’s relative weakness in the EMEA and APAC regions became apparent on 25 July 30, 2019. Zendesk filed its Form 8-K for Q2 2019, reporting overall “revenue growth 26 of 37%, which was below the 38%-41% range the Company had reported over the prior 27 eight quarters.” Id. ¶ 68. Zendesk reduced its 2019 overall cash flow outlook from $55- 1 to $175-$178 million. Id. The same day, Svane told investors on a conference call that 2 “growth in EMEA and APAC, although still solid, didn’t quite live up to our own 3 expectations, and is lagging other regions.” Id. ¶ 69. Gomez told investors that Q2 2019 4 revenue growth in EMEA was 33%, down from 38% the previous quarter and 42% during 5 the 2018 fiscal year. Id. Similarly, Q2 2019 revenue growth in APAC was 31%, down 6 from 39% the previous quarter and 47% during the 2018 fiscal year. Id. 7 The Pension Fund alleges that upon learning of these results, investment analysts 8 expressed concern about Zendesk’s slowing revenue growth in EMEA and APAC. Id. 9 ¶ 72–73. Although investors were unsure the extent to which slowing EMEA and APAC 10 growth was due to macroeconomic factors as opposed to business execution, Zendesk’s 11 stock price dropped from $93.12 per share when the market closed on July 30 to $83.56 12 per share when the market closed on July 31. Id. ¶ 74–76. 13 When discussing growth deceleration in EMEA and APAC, Zendesk blamed both 14 “macroeconomic factors” and “suboptimal execution.” Id. ¶ 69. Head of Investor 15 Relations Marc Cabi told investors that “within specific countries . . . [d]eals are taking 16 somewhat longer to close in certain instances. . . . But it’s really difficult to discern the 17 macro fundamentals from execution fundamentals.” Id. In terms of execution, Gomez 18 said “I think it starts with understanding . . . the pipeline in the back half of the year, 19 understanding close rates, understanding the productivity of all the reps in that region. 20 And as well obviously, we’re having success in North America, so we’re doing some 21 comparisons on what’s working here, and are there certain things that we can bring to the 22 region that make sense for that region? Typically, we try to do uniform things, but there 23 are definitely localized practices that just make more sense.” Id. At an investor 24 conference on September 11, 2019, Svane cited “macroeconomic factors” as playing a role 25 in the EMEA and APAC regions, but also acknowledged that “ensuring that we also invest 26 in proper leadership, proper coverage around the world, where we have so much of our 27 business, is probably something where we are a little behind where we should be.” Id. 1 had when we went public. And there’s like three guys and a dog managing that business. . 2 . . [W]e need to do better and we are investing to do a lot better on that.” Id. After the 3 Class Period, Zendesk’s officers continued suggesting that slowing EMEA and APAC 4 growth was due to a lack of sales leadership that could drive more enterprise deals in the 5 regions, and that Zendesk was working to fix that problem across EMEA and APAC, 6 including in the Australia-New Zealand (ANZ) sub-region. Id. ¶¶ 90, 93–94, 96–97. 7 Zendesk officers also stated that Zendesk was focusing on adopting the best practices of its 8 “velocity” business in the Americas in these regions. Id. ¶¶ 95–97. 9 The Pension Fund alleges that before the slowdown in EMEA and APAC was 10 revealed on July 30, 2019, Zendesk had made materially false and misleading statements. 11 The Pension Fund cites the following specific statements: 12 a. February 5, 2019 Shareholder Letter 13 Zendesk’s February 5, 2019 Shareholder Letter (concerning fiscal year 2018 and Q4 14 2018 performance) stated that there was “strong demand” for Zendesk’s products globally 15 in 2018. “We continue to deliver strong revenue growth from [SMBs] and large 16 enterprises. . . . [A]s a proxy of our success in moving upmarket, the percentage of our 17 monthly recurring revenue from customers with 100 or more Zendesk support agents 18 expanded to 40% at the end of the fourth quarter compared to 38% a year ago.” Under the 19 heading “2018 in review,” the letter stated that Zendesk’s “growth in 2018 reflects the 20 strength of our products, our ability to execute, and global trends that are driving demand 21 . . . [w]ith customers in more than 160 countries . . . we are seeing strong global demand 22 and revenue growth in every region.” Under the heading “Enterprise Momentum,” the 23 letter stated that “[i]n 2018, we also significantly matured our enterprise sales and 24 marketing initiatives by hiring talent and building teams with the experience necessary to 25 serve as strategic partners with our enterprise customers. We broadened our sales and 26 customer success capabilities . . . while increasing our executive engagement with strategic 27 customer accounts. We also hired an executive-level leader of partner channels to develop 1 ¶¶ 46–47. 2 b. February 5, 2019 Conference Call 3 On February 5, 2019, Zendesk hosted a conference call with investors regarding 4 Q4 2018 and 2018 fiscal year results. Gomez stated that Zendesk was 5 pleased with its Q4 performance. “It’s really a combination of the sales force executing 6 and productivity up all around; strength in our Americas business, particularly with 7 bigger deals this quarter. There’s a healthy demand environment, overall, we’re seeing. 8 We’re not seeing our pipeline slip in any way.” Gomez stated that Zendesk would 9 “continue” to add “named account managers and named account executives . . . there may 10 be tweaks, but nothing wholesale changed.” When asked about EMEA growth, Head of 11 Investor Relations Marc Cabi said Zendesk was seeing similar success in EMEA enterprise 12 growth: “we employ the same kind of go-to-market motions in all the regions. EMEA has 13 had a very strong presence across all business sizes.” And in terms of macroeconomic 14 issues, Gomez said “we haven’t seen anything, any disruption. And the first place we’re 15 looking, obviously, is our pipelines. And we look at our pipeline across every region 16 . . . . And so far, we have not seen anything . . . Not that it won’t come. But today, with 17 the data we have, we haven’t seen it.” Id. ¶¶ 48–49. 18 c. February 25, 2019 JMP Securities Technology Conference Presentation 19 20 On February 25, 2019, Gennaro spoke at the JMP Securities Technology 21 conference. He stated that as the company began pursuing more enterprise accounts, it 22 “had to work in a different way and support them in a different manner.” So, in 2018, 23 Zendesk started “putting in the people and activities in place to make that happen.” For 24 example, on “the sales side . . . you need to have account reps that are dedicated to a 25 specific enterprise and making sure that they understand the terminology that those 26 companies use and the concerns that they would have.” Zendesk previously had done that 27 “in pockets. But this is—it just allowed us to kind of build it out and expand it.” Id. ¶ 56. 1 On March 27, 2019 Zendesk issued a press release announcing Amy Foo as new 2 managing director in the Australia-New Zealand (ANZ) APAC sub-region. The press 3 release stated that Zendesk was “Poised for Next Phase of Growth in ANZ With New 4 Leadership.” It stated that in 2018, “ANZ saw a strong double digit growth in total 5 number of customer accounts . . . . This boost solidifies Zendesk ANZ as the largest 6 market in the region, and fourth largest market for the company globally. ANZ was also a 7 significant contributor to the [APAC] region’s growth . . . . Under Amy’s leadership, the 8 organization will continue to deepen its relationships with the market’s startups and 9 [SMBs], and further showcase its product offerings to large scale, multinational 10 enterprises.” The press release quotes Gomez as saying “I am excited to see how [Foo] 11 will lead our business into our next phase of growth particularly in a mission-critical 12 market like ANZ.” The release goes on to state that “[a] key factor to achieving its growth 13 has been Zendesk’s continuous investment into finding and fostering local talent. The 14 number of employees grew by almost half (49%) in FY18 to more than 300 people across 15 engineering and go-to-market roles.” Id. ¶ 57. 16 e. April 30, 2019 Shareholder Letter 17 Zendesk’s April 30, 2019 Shareholder Letter regarding its Q1 2019 performance 18 stated that “[d]emand for our products remains strong as companies around the world, 19 large and small, seek to transform their businesses by adopting modern software . . . . Our 20 growth is driven by favorable global market trends and our dedication to delivering 21 seamless, omnichannel experiences . . . . We are advancing our move upmarket by 22 investing in the expansion of our product and go-to-market capabilities to serve larger, 23 more complex use-cases.” The letter also stated that Zendesk’s “broad-based growth in the 24 first quarter reflects the strength of our products, our improved sales and marketing 25 initiatives, and global trends that are driving high demand.” Under the heading 26 “Leadership Team,” the letter stated that Zendesk was “scaling our operations to support 27 our global growth and momentum . . . . We also recently expanded our leadership 1 platforms and products to help companies around the world transform their customer 2 experiences.” Id. ¶¶ 59–60. 3 f. April 30, 2019 Conference Call and “Follow-Up” Call 4 During an April 30, 2019 conference call with investors, Gomez said that Zendesk’s 5 growth during Q1 2019 “was driven by continued favorable market dynamics, product 6 innovation and improving sales and marketing initiatives.” She noted that the quarter had 7 featured “strong and balanced revenue growth across all regions.” Gomez stated that the 8 Americas “had a very strong start to the year. I think the regions, if there’s a place where 9 I’m paying attention to, particularly in APAC, that’s a place we’re looking at. But other 10 than that, I don’t think there’s anything different.” Analysts at Piper Jaffray noted that 11 during a “follow-up call, management indicated pockets of macro-related cautious 12 feedback in some APAC countries.” Id. ¶¶ 61–62. 13 g. May 22, 2019 “Analyst Day” Meeting 14 At a May 22, 2019 investor “Analyst Day” meeting, Gomez said that Zendesk’s 15 “global footprint” is “a little bit different. I view this as a complete advantage for us. 16 . . . [C]lose to 50% of our business is outside the U.S. . . . This has been completely 17 important for us as we think about managing our portfolio of regions. We definitely focus 18 on all regions doing well, but the fact that we’re balanced, it doesn’t ever put any pressure 19 on any single region. So this is incredibly important and speaks to the opportunity that lies 20 ahead.” Id. ¶ 65. 21 h. May 29, 2019 Cowen Technology, Media & Telecom Conference 22 23 During a May 29, 2019 Cowen Technology, Media & Telecom Conference, an 24 unspecified Zendesk representative stated that “[I]n the past 12 months, we’ve seen 25 extremely strong U.S. growth . . . As we go outside the U.S., the markets have been strong. 26 We did point out on our first call—first quarter earnings that we’re just closely watching 27 APAC. Nothing alarming there, but there has been some uneven performance in the 1 * 2 The Pension Fund argues that these statements were materially false or misleading 3 because they indicated that Zendesk’s “sales model was the same in all regions, demand 4 was high, execution was strong, the sales pipeline was of no concern, and Zendesk had no 5 data to indicate any slowdown.” Id. ¶ 100. The Pension Fund also argues that the 6 statements were misleading because Zendesk “knew or deliberately disregarded and failed 7 to disclose” that: 8 (a) “Macroeconomic business challenges related to the U.K.’s separation from the European Union, euphemistically referred to as ‘Brexit,’ and the 9 escalating trade war between the United States and China had already 10 begun to have a negative effect on Zendesk’s business performance and thus revenue growth in EMEA and APAC;” and 11 12 (b) “The Company’s execution of its sales model in EMEA and APAC was not strong, as the Company had claimed, nor were the strategies and sales 13 processes applicable in EMEA and APAC the same as in the U.S. Specifically, Zendesk: (i) lacked high level executives and leadership in 14 the regions to effectively sell enterprise products including executives 15 and leadership required to properly engage with enterprise customers and coordinate with Zendesk HQ in San Francisco; and (ii) had not 16 implemented the ‘best practices’ from its U.S. velocity business in 17 EMEA and APAC.” 18 Id. ¶¶ 55(a)–(b); 67(a)–(b). 19 2. First Element: Material Misstatement or Omission 20 The Pension Fund could specify “the reason or reasons” why Zendesk had misled 21 investors, see 15 U.S.C. § 78u–4(b)(1), in two ways. First, the Pension Fund could show 22 that the statements contained material falsehoods. Dura Pharms., Inc., 544 U.S. at 341. 23 Second, the Pension Fund could show that the statements omitted material information in a 24 manner that made the statements misleading. Basic Inc., 485 U.S. at 231–32. The Pension 25 Fund has failed to do either under the applicable pleading standard. 26 a. Falsity 27 The Pension Fund’s allegations do not show that Zendesk’s pre-July 30, 2019 1 First, many of the statements explained Zendesk’s 2018 fiscal year, Q4 2018, and 2 Q1 2019 performance. Statements explaining why Zendesk was successful before Q2 3 2019, in the EMEA and APAC regions or otherwise, are not alleged to have been false. 4 See Amended Compl. ¶¶ 46–49, 56, 59–62. 5 Second, Zendesk’s statements regarding global and regional demand were 6 consistent with eventual growth deceleration in EMEA and APAC. The Pension Fund has 7 not plausibly alleged that Zendesk had reason to know of any weakness in those regions 8 when Zendesk officers made statements in February 2019 discussing Zendesk’s 2018 and 9 Q4 2018 performance. Indeed, the Pension Fund’s allegations are consistent with 10 Gomez’s statement that Zendesk had “not seen anything” in its sales pipeline indicating 11 weakness—“not that it won’t come.” Id. ¶ 49. The Pension Fund does not allege that, 12 contrary to Gomez’s statement, Zendesk’s pipeline had experienced a “slip” (that is, fewer 13 pending deals) about which Gomez or anyone else was aware. Id. ¶ 48. Indeed, the 14 Pension Fund’s allegations indicate that the number of deals did not slip, but that deals 15 ended up “taking longer to close” than expected. Id. ¶ 70. As discussed below, see infra 16 part III.2.b, the Pension Fund does not allege that Zendesk knew deals would take longer 17 to close (or how Zendesk could have known this). Finally, Zendesk’s April 30, 2019 18 Shareholder Letter observed “favorable global market trends” during Q1 2019 but did not 19 say those trends would continue. The same day, Gomez told investors on a conference call 20 that Zendesk was “looking at” APAC due to concerns about performance. Id. ¶ 61.5 21 Third, the Pension Fund does not plausibly allege that Zendesk’s statements about 22 adding sales representatives to grow its enterprise business, see id. ¶¶ 47–49, 56, were 23 false—only that, as it turned out, Zendesk had not added enough people, or the right 24 people, to keep growth steady or accelerating. Gennaro’s February 25, 2019 statement that 25 Zendesk had generally been increasing its efforts to have sales representatives in place to 26 27 5 Similarly, at the May 29, 2019 Cowen Conference, an unspecified Zendesk representative— 1 pursue enterprise clients did not assure that those efforts would result in revenue growth 2 remaining stable or accelerating in EMEA and APAC during the following quarter. Id. 3 ¶ 56. Similarly, there is no indication that Zendesk lied about “scaling” or adding “proven 4 enterprise leaders” across regions as a strategy to drive sales, id. ¶ 60—even if Zendesk, in 5 hindsight, needed to do more to maintain the same levels of growth in the EMEA and 6 APAC regions. 7 Fourth, the Pension Fund’s allegations do not show that Zendesk ever stated that it 8 was using the same sales practices in the U.S. and the EMEA and APAC regions. On 9 February 5, 2019, Gomez stated that Zendesk used “the same kind of go-to market motions 10 in all the regions,” but did not state or imply that strategies across regions were identical or 11 that best practices from the U.S. business were uniformly being applied elsewhere. Id. 12 ¶ 48. Similarly, Gennaro’s February 25, 2019 statement that Zendesk had previously 13 added dedicated enterprise salespeople “in pockets” but had begun pursuing strategies to 14 “build [this strategy] out and expand it” across regions did not indicate that Zendesk had 15 implemented uniform “best practices” across all regions. Id. ¶ 56. 16 Finally, the Pension Fund cites certain other statements that were not factual in 17 nature and thus could not be true or false. For example, Zendesk’s March 27, 2019 press 18 release announcing Foo as managing director of the ANZ sub-region consisted of several 19 undisputed facts regarding ANZ’s importance to Zendesk’s business, then referred to 20 Yoo’s hire as a “boost” that would enable Zendesk to “showcase its product offerings” to 21 enterprise customers during the “next phase of growth . . . in a mission critical market.” Id. 22 ¶ 57. 6 Similarly, Gomez told investors at the March 22, 2019 “Analyst Day” meeting that 23 Zendesk’s “global footprint” was “different,” a “complete advantage,” “balanced,” 24 “important,” and an “opportunity.” Asking whether such “puffery” is true or false is 25 simply a non sequitur. Or. Pub. Emps. Ret. Fund v. Apollo Grp. Inc., 774 F.3d 598, 606 26 27 6 That Zendesk later determined it needed to make additional investments in ANZ does not 1 (9th Cir. 2014) (“[I]nvestors do not rely on vague statements of optimism . . . [or] feel 2 good monikers.”) (citation omitted). 3 In sum, the Pension Fund has not adequately pleaded any specific false statement 4 relating to Zendesk’s EMEA and APAC performance. 5 b. Material Omissions 6 The Pension Fund argues that even if Zendesk’s statements did not contain 7 falsehoods, they were misleading because they did not disclose important information: 8 macroeconomic challenges relating to Brexit and the U.S.-China trade war had “begun” to 9 affect Zendesk’s business; Zendesk’s sales execution was not aligned with the “strategies 10 and sales processes applicable” in the U.S. because Zendesk had not “implemented the 11 ‘best practices’ from its U.S. velocity business”; and Zendesk’s sales execution in EMEA 12 and APAC was “not strong” because it “lacked high level executives” who could drive 13 enterprise business and “coordinate with Zendesk HQ in San Francisco.” Amended 14 Compl. ¶¶ 55(a)–(b); 67(a)–(b). 15 Under the applicable pleading standard, see 15 U.S.C. § 78u–4(b)(1), these were not 16 material omissions in the relevant sense. 17 Zendesk has not specifically alleged either (i) what Zendesk should have disclosed 18 about macroeconomic developments, and (ii) why any failure to disclose information 19 relating to Brexit and the U.S.-China trade war was material. The Pension Fund has not 20 explained whether and how Zendesk should have known these global trends were affecting 21 its APAC and EMEA business; indeed, aside from conclusory statements, see, e.g., 22 Amended Compl. ¶18(a), the Amended Complaint does not clearly allege that these trends 23 affected Zendesk’s business at all.7 Given the lack of detail in the Amended Complaint, 24 the Pension Fund’s allegations establish only that Zendesk failed to disclose an unspecified 25 business effect, about which Zendesk was not necessarily aware at the relevant time, and 26 27 7 Based on “feedback” Zendesk received at an unspecified time, Cabi—speaking after Q2 2019 1 the nature of which remains a mystery. 2 Similarly, the Pension Fund has not explained why Zendesk’s failure to expressly 3 tell investors that it had not implemented ‘best practices’ from its U.S. Velocity business in 4 the EMEA and APAC regions would have been “viewed by the reasonable investor has 5 having significantly altered the ‘total mix’ of information available” before and during Q2 6 2019. Basic Inc., 485 U.S. at 231–32 (quoting TSC Industries, 426 U.S. at 449). The 7 Pension Fund’s allegations show that investors were interested in whether Zendesk was 8 pursuing enterprise clients in EMEA and APAC like it was in the U.S., Amended Compl. 9 ¶ 48, but the allegations do not indicate that investors thought Zendesk employed identical 10 sales practices across regions. It is unclear why, at the time of the challenged statements, 11 investors would have had any reaction to Zendesk disclosing that its strategies across 12 regions were similar in some ways and different in others—even if, in hindsight, Zendesk 13 determined that it needed to use more of its U.S. strategies in EMEA and APAC. 14 Nor has the Pension Fund specified what “fact” Zendesk omitted regarding its sales 15 leadership in the EMEA and APAC regions. See 17 C.F.R. § 240.10b-5. The Pension 16 Fund alleges that Zendesk’s leadership was “not strong” in those regions. Amended 17 Compl. ¶¶ 55(a)–(b); 67(a)–(b). But the Pension Fund’s allegations do not explain how 18 such information would have been “capable of objective verification” at the time of the 19 challenged statements. Or. Pub. Emps. Ret. Fund., 774 F.3d at 598. It is not enough that 20 Zendesk “had complete access to all the sales data in EMEA and APAC during the Class 21 Period.” Opp. to Motion to Dismiss at 18–19; Amended Compl. ¶ 93. To be sure, 22 Zendesk’s sales data would have eventually indicated lagging performance as reflected in 23 the Q2 2019 results, which might imply weak leadership in those regions. The securities 24 laws require quarterly filings precisely so that such information will be disclosed to 25 investors. But the Pension Fund’s allegations do not specify what material facts Zendesk’s 26 top executives (or even its sales leaders) knew and failed to disclose. 27 3. Second Element: Scienter 1 particularity facts giving rise to a strong inference” that Zendesk acted with the intent “to 2 deceive, manipulate, or defraud.” Tellabs, 551 U.S. at 313–314 (quoting 15 U.S.C. § 78u– 3 4(b)(2). To the contrary, the Pension Fund’s allegations give rise to a different inference: 4 that Zendesk made strategic mistakes that it later examined and began taking steps to fix. 5 The Pension Fund provides no reason to think that Zendesk’s sales leaders (let alone 6 Zendesk’s top executives) knew that deals would take longer to close, or the precise 7 reasons why deals would take longer to close, well before the end of Q2 2019. Based on 8 the present allegations, Zendesk’s course of conduct “was neither deceptive nor 9 manipulative and therefore did not violate either § 10(b) . . . or Rule 10b-5.” Santa Fe 10 Indus., Inc., 430 U.S. at 474. 11 B. Alleged Data Security Fraud 12 The Pension Fund has also failed to state a claim for which relief may be granted 13 relating to the data breach that Zendesk failed to detect for three years. Although failure to 14 disclose the data breach may have been a material omission, the Pension Fund has not 15 alleged that Zendesk knew of the data breach (or was consciously reckless with respect to 16 its occurrence) when it made any challenged statements or disclosures. Indeed, the 17 Pension Fund’s allegations are consistent with Zendesk acknowledging the risk of such a 18 breach and swiftly disclosing the breach once Zendesk became aware. Therefore, the 19 Pension Fund’s allegations do not support a strong inference that Zendesk intended to 20 deceive or manipulate its investors. 21 1. Specific Allegations 22 Fund alleges that Zendesk misled investors when it discussed its data security 23 because Zendesk’s “data security program was not up to the highest possible standards and 24 the data systems had already suffered a significant breach,” id. ¶¶ 55(c), 67(c), 78, as 25 disclosed on September 24, 2019, id. ¶ 80. 26 On October 2, 2019, Zendesk published an “Important Notice regarding 2016 27 Security Incident” (the Notice) on its website. Id. ¶ 25. The Complaint incorporates 1 Important Notice regarding 2016 Security Incident We recently were alerted by a third party regarding a security matter that may have 2 affected the Zendesk Support and Chat products and customer accounts of those products 3 activated prior to November of 2016. . . . 4 * * * 5 On September 24 [2019], we identified approximately 10,000 Zendesk Support and 6 Chat accounts . . . whose account information was accessed without authorization prior to November of 2016. Information accessed included some [PII] and other service data. 7 8 For impacted customers, the information accessed from these databases includes the following data: 9 -Email addresses, names and phone numbers of agents and end-users of certain 10 Zendesk products. 11 -Agent and end user passwords that were hashed and salted—a security technique used to make them difficult to decipher, potentially up to November 2016. . . . 12 13 We have also determined that certain authentication information was accessed for a much smaller set of approximately 700 customer accounts, including expired trial accounts 14 and accounts that are no longer active. . . . 15 Id. ¶ 84. The Notice was later updated to reflect that a total of ~22,000 breached customer 16 accounts: ~15,000 Support and Chat accounts, with authentication information accessed 17 for approximately ~7,000 customer accounts. Id. ¶¶ 23, 25, 88. Because Zendesk’s 18 customers often have many end-users, the breach may have affected many persons’ data. 19 Id. ¶ 86.8 20 The Pension Fund alleges that Zendesk’s officers’ subsequent statements indicate 21 that, at the time of the breach in 2016, Zendesk’s security had been “in a very different 22 23 8 The Pension fund alleges that on September 24, 2019, Zendesk’s stock price dropped from 24 $77.23 per share to $73.60 per share and that on September 27, 2019, the stock price dropped from $74.08 per share to $72.08 per share. Id. ¶¶ 81, 83. The Pension Fund alleges that based on 25 Zendesk’s policy of notifying all customers within 72 hours of a breach, customers would have been notified “no later than September 27, 2019.” Id. ¶ 82. The Pension Fund also alleges that 26 following the October 2, 2019 Notice, “the price of Zendesk common stock fell $2.90 per share to close at $69.81 per share . . . on unusually high trading volume.” Id. ¶¶ 26, 87. The parties 27 dispute the precise date that Zendesk became aware of the data breach. Motion to Dismiss at 13 1 state” than it was when the breach was discovered. Id. ¶ 91. After Zendesk disclosed the 2 breach, Zendesk’s Chief Security Officer Maarten Van Horenbeeck said that “[w]hile no 3 security measure can be considered to be 100% effective, Zendesk has significantly 4 invested in its security program since 2016” and detailed certain security measures that had 5 been put in place between when the breach occurred and when it was detected. Id. ¶ 92. 6 The Pension Fund argues that before the data breach was revealed, Zendesk had 7 made materially false and misleading statements. In particular, the Pension Fund cites the 8 following statements: 9 a. February 14, 2019 Form 10-K for Fiscal year 2018 10 This filing stated that Zendesk maintains a “comprehensive security program 11 designed to help safeguard the security and integrity of our customers’ data. We regularly 12 review our security program . . . [and] obtain third-party security audits and examinations 13 of our technical operations and practices covering data security.” Zendesk also noted that 14 in June 2017 it had announced its completion of the EU approval process for using 15 Binding Corporate Rules “as a data processor and controller. This significant regulatory 16 approval validated our implementation of the highest possible standards for protecting PII 17 globally, covering both the PII of our customers and employees.” Id. ¶ 52. The filing also 18 warned investors that if a data breach were to occur, “our products may be perceived as 19 insecure, we may lose existing customers or fail to attract new customers, and we may 20 incur significant liabilities. . . . Unauthorized access to or security breaches of our products 21 could result in the loss of data. . . . We may also experience security breaches that may 22 remain undetected for an extended period.” Id. ¶ 53. 23 b. May 2, 2019 Form 10-Q for Q1 2019 and August 2, 2019 Form 10-Q for Q2 2019 24 25 These filings provided investors with the same warnings regarding the risks that 26 “could” occur “if” Zendesk suffered a data breach, and the possibility that Zendesk “may” 27 experience undetected data breaches. Id. ¶¶ 63, 77. 1 2. First Element: Material Misstatement or Omission 2 Under the applicable pleading standard, see 15 U.S.C. § 78u–4(b)(1), the Pension 3 Fund has not specified why any of Zendesk’s statements relating to data security were 4 false. The Pension Fund argues that Zendesk’s “data security program was not up to the 5 highest possible standards.” See, e.g., Amended Compl. ¶ 67(c). But even assuming that a 6 data breach is enough to infer that data security is not up to the highest possible standards, 7 this breach occurred in 2016, and the Pension Fund cites only statements made in February 8 2019 or later. Id. ¶¶ 53, 63, 77. The Pension Fund’s own allegations show that Zendesk’s 9 data security improved between 2016 and 2019, such that Zendesk’s 2019 statements are 10 plausibly consistent with a breach having occurred in 2016—especially given Zendesk’s 11 acknowledgement that breaches “may remain undetected for an extended period.” Id. ¶ 53. 12 The Pension Fund has, however, plausibly alleged a material omission. Zendesk 13 did not disclose the existence of the data breach, and it is plausible that such a breach 14 “would have been viewed by the reasonable investor” as significant. Basic Inc., 485 U.S. 15 at 231–32 (quoting TSC Industries, 426 U.S. at 449). 16 3. Second Element: Scienter 17 That said, the Pension Fund has failed to “state with particularity facts giving rise to 18 a strong inference” that Zendesk acted with the intent “to deceive, manipulate, or defraud” 19 in failing to disclose the data breach. Tellabs, 551 U.S. at 313–314 (quoting 15 U.S.C. 20 § 78u–4(b)(2); Ernst & Ernst, 425 U.S. at 194 & n.12). The Pension Fund’s allegations 21 indicate that Zendesk was simply unaware of the breach until September 2019. See 22 Amended Compl. ¶ 80. Zendesk’s Notice regarding the incident (published on October 2, 23 2019) shows only that Zendesk “recently” became aware of the breach, id. ¶ 84, and 24 nothing else in the Amended Complaint suggests that Zendesk knew of the breach earlier 25 than September 24, 2019 or was consciously reckless in failing to detect and disclose the 26 breach before then. See Gebhart, 595 F.3d at 1041–42. Accordingly, the Pension Fund’s 27 allegations do not suggest that Zendesk intended to “deceive” or “defraud” regarding the 1 |} the case. 2 C. — Section 20(a) Claims 3 Because the Pension Fund has not stated an underlying securities fraud claim, the 4 || Pension Fund’s § 20(a) control persons claim fails. See 15 U.S.C. § 78t(a).? 5 || IV. CONCLUSION 6 For the foregoing reasons, the Court GRANTS Zendesk’s motion to dismiss without 7 || prejudice. Because it is conceivable that the Pension Fund could add allegations to cure 8 || the above-described deficiencies, the Court grants Zendesk leave to amend. See 9 || Leadsinger, 512 F.3d at 532. The Pension Fund shall have 60 days from the date of this 10 || order to file an amended complaint. 11 IT ISSO ORDERED. iE a Dated: November 9, 2020 CHARLES R. BREYER 13 United States District Judge 15 16 17 Oo Z 418 19 20 21 22 23 24 25 26 27 Ws And because the Pension Fund’s allegations do not satisfy the first two elements of a § 10(b) and 9g |} Rule 10b-5 claim, the Court need not consider whether the Pension Fund adequately pleaded loss causation.
Document Info
Docket Number: 3:19-cv-06968
Filed Date: 11/9/2020
Precedential Status: Precedential
Modified Date: 6/20/2024